public async Task <ActionResult> ResetPasswordByCode(ResetPasswordByCodeModel formModel)
{
TryValidateModel(formModel);
// Reassign the passed form to the current context to allow user post it again as hidden fields in the form
WorkContext.Form = Form.FromObject(formModel);
if (!ModelState.IsValid)
{
return(View("customers/forgot_password_code", WorkContext));
}
if (!_options.ResetPasswordNotificationGateway.EqualsInvariant("Phone"))
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.ResetPasswordIsTurnedOff());
return(View("customers/forgot_password_code", WorkContext));
}
var user = await _signInManager.UserManager.FindByEmailAsync(formModel.Email);
if (user == null)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/forgot_password_code", WorkContext));
}
var isValidToken = await _signInManager.UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultPhoneProvider, "ResetPassword", formModel.Code);
if (!isValidToken)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.InvalidToken());
return(View("customers/forgot_password_code", WorkContext));
}
var token = await _signInManager.UserManager.GeneratePasswordResetTokenAsync(user);
WorkContext.Form = Form.FromObject(new ResetPassword
{
Token = token,
Email = user.Email,
UserName = user.UserName
});
return(View("customers/reset_password", WorkContext));
}
public async Task <ActionResult> ResetPasswordByCode(ResetPasswordByCodeModel formModel)
{
TryValidateModel(formModel);
//Reassign the passed form to the current context to allow user post it again as hidden fields in the form
WorkContext.Form = formModel;
if (!ModelState.IsValid)
{
return(View("customers/forgot_password_code", WorkContext));
}
if (!_options.ResetPasswordNotificationGateway.EqualsInvariant("Phone"))
{
ModelState.AddModelError("form", "Reset password by code is turned off.");
return(View("customers/forgot_password_code", WorkContext));
}
var user = await _signInManager.UserManager.FindByEmailAsync(formModel.Email);
if (user == null)
{
ModelState.AddModelError("form", "Operation failed");
return(View("customers/forgot_password_code", WorkContext));
}
var isValidToken = await _signInManager.UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultPhoneProvider, "ResetPassword", formModel.Code);
if (!isValidToken)
{
ModelState.AddModelError("form", "Reset password token is invalid or expired");
return(View("customers/forgot_password_code", WorkContext));
}
var token = await _signInManager.UserManager.GeneratePasswordResetTokenAsync(user);
WorkContext.Form = new ResetPassword
{
Token = token,
Email = user.Email,
UserName = user.UserName
};
return(View("customers/reset_password", WorkContext));
}
